The major telecommunication giant, Syniverse, recently discovered that their system has experienced a long-term breach, during which hackers had access to data being processed by the servers for at least five years. By breaching the system, hackers gained access to billions of text messages, relatable to millions of users using fingerprinted hardware. Being one of the largest providers of services to companies such as AT&T, T-Mobile, and Verizon, it is important to realize just how significant of an impact this breach has had.
How Was the Breach Discovered?
Syniverse has announced in a filing to U.S. Security and Exchange Commission on September 27th that their internal investigation uncovered the breach, with traces of it reaching May of 2016, which is when the breach was supposedly initiated. The company has not discovered the breach until May of 2021, revealing that 235 of their clients’ login information was compromised. One of the former Syniverse employees has stated that their systems also carry sensitive information such as text messages and that it is very likely that this data was also compromised. Taking into account that Syniverse processes over 740 billion messages every year, it is clear that the amount of data that was supposedly exposed is truly vast.
It is hard to estimate the true damages of the breach, as this is not the only major data breach in the latest years, so it is next to impossible to trace the damages back to the origin. However, it is important to realize that everyone can take steps to improve their online data security by using offline 2FA (Two-Factor-Authentication) methods or even hardware tokens and security keys that can be purchased easily nowadays. SMS-based 2FA is not secure and it is possible to bypass it.
Source: https://www.sec.gov/Archives/edgar/data/1839175/000119312521284329/d234831dprem14a.htm
